The present invention is related to the subject matter of the following commonly assigned, U.S. patent applications: Ser. No. 09/343,628 entitled xe2x80x9cCALENDAR-INDUCED PROGRAM EXECUTIONxe2x80x9d and filed Jun. 30, 1999; and Ser. No. 09/343,626 entitled xe2x80x9cCALENDAR BASED POWER MANAGEMENTxe2x80x9d and filed Jun. 30, 1999. The content of the above-referenced applications is incorporated herein by reference.
1. Technical Field
The present invention generally relates to security for data processing systems and in particular to security systems providing keyed locking for system operation. Still more particularly, the present invention relates to a data processing security system which takes into account a user""s schedule of activities when activating a locking mechanism.
2. Description of the Related Art
Security mechanisms for personal computers, whether desktop or mobile, generally provide security through a password locking mechanism, which is typically activated either by explicit invocation from the user or by an inactivity timer. The password locking mechanism is activated early in the startup process to prevent user from operating a system without the password. Some systems must remain continually powered, however, to serve data requests from a network and for similar reasons.
The problem with requiring explicit invocation of a locking mechanism is a running system is that the user may forget to invoke the locking mechanism before leaving for an extended period of time, compromising the security of the system. On the other hand, locking a system after detecting a period of inactivity may prove a nuisance to the user, who may be working but simply not have need to use the system before the timeout period expires. Having to unlock the system repeatedly to continue working may frustrate the user into disabling the inactivity timer.
Current locking technology also fails to take into consideration the user""s behavior. In particular, if the user is absent for extended periods of time and the system is not locked as a result of inactivity, the system remains unlocked, exposing the confidentiality of the system and its data, and potentially endangering the integrity of the system through unauthorized use.
It would be desirable, therefore, to provide a security system which accounts for a user""s behavior and scheduled activities in activating a system lock.
It is therefore one object of the present invention to provide improved security for data processing systems.
It is another object of the present invention to improve data processing system security systems having keyed locking for system operation.
It is yet another object of the present invention to provide a data processing security system which takes into account a user""s schedule of activities when activating a locking mechanism.
The foregoing objects are achieved as is now described. For events scheduled within a user""s calendar, a security mode is associated with the event. At the start of the scheduled event, the calendar notifies the security module of the security mode and the security mode is initiated. Different security modes may be defined, such as locking the system indefinitely, until the user unlocks the system with the password, locking the system for the duration of the event, or setting a shorter or longer inactivity period for a timer activated lock. Different event types may thus be matched with appropriate security modes, providing better overall security. The security mode, once initiated, may be maintained until the end of the schedule event, at which time the system may revert to a default security mode. Alternatively, the security mode may, by user specification or by default, be maintained until a different security mode is requested by the user, utilizing a password. The security system thus takes into consideration a user""s behavior and scheduled activities in activating a system lock or other security mode.